Amazon SOA-C01 AWS Certified SysOps Administrator – Associate Online Training
Amazon SOA-C01 Online Training
The questions for SOA-C01 were last updated at Apr 26,2024.
- Exam Code: SOA-C01
- Exam Name: AWS Certified SysOps Administrator - Associate
- Certification Provider: Amazon
- Latest update: Apr 26,2024
A SysOps Administrator must find a way to set up alerts when Amazon EC2 service limits are close to being reached.
How can the Administrator achieve this requirement?
- A . Use Amazon Inspector and Amazon CloudWatch Events.
- B . Use AWS Trusted Advisor and Amazon CloudWatch Events.
- C . Use the Personal Health Dashboard and CloudWatch Events.
- D . Use AWS CloudTrail and CloudWatch Events.
A SysOps administrator created an AWS service catalog portfolio and shared the portfolio with a second AWS account in the company. The second account is controlled by a different administrator.
Which action will the administrator of the second account be able to perform?
- A . Add a product from the imported portfolio to a local portfolio.
- B . Add new product to the imported portfolio.
- C . Change the launch role for the products contained in the imported portfolio.
- D . Remove Products from the imported portfolio.
After launching a new Amazon EC2 instance from a Microsoft Windows 2012 Amazon Machine Image (AMI), the SysOps Administrator is unable to connect to the instance using Remote Desktop Protocol (RDP). The instance is also unreachable. As part of troubleshooting, the Administrator deploys a second instance from a different AMI using the same configuration and is able to connect to the instance.
What should be the next logical step in troubleshooting the first instance?
- A . Use AWS Trusted Advisor to gather operating system log files for analysis.
- B . Use VPC Flow Logs to gather operating system log files for analysis.
- C . Use EC2Rescue to gather operating system log files for analysis.
- D . Use Amazon metrics using Amazon CloudWatch Logs.
C
Explanation:
Reference https://aws.amazon.com/premiumsupport/knowledge-center/troubleshoot-remote-desktop-connection-ec2-windows/
An application team has asked a sysops administrator to provision an additional environment for an application in four additional regions. The application is running on more than 100 instances in us-east-1, using fully baked AMIs, An AWS CloudFormation template has been created to deploy resources in us-east-1.
What must the sysops administrator do to provision the application quickly?
- A . Copy the AMI to each region using aws ec2 copy-image Update the CloudFormation mapping include mappings for the copy AMIs.
- B . Creating a snapshot of the running instance and copy the snapshot to the other regions. Create an AMI from the snapshots. Update the CloudFormation template for each region to use the new AMI.
- C . Run the existing CloudFormation template in each additional region based on the success of the template used currently in us-east-1.
- D . Update the CloudFormation template to include the additional regions in the auto scaling group. Update the existing stack in us-east-1.
A company has an application database on Amazon RDS that runs a resource-intensive reporting job This is causing other applications using the database to run slowly
What should the SysOps Administrator do to resolve this issue*?
- A . Create Amazon RDS backups
- B . Create Amazon RDS read replicas to run the report
- C . Enable Multi-AZ mode on Amazon RDS
- D . Use Amazon RDS automatic host replacement
A SysOps Administrator receives reports of an Auto Scaling group failing to scale when the nodes running Amazon Linux in the cluster are constrained by high memory utilization.
What should the Administrator do to enable scaling to better adapt to the high memory utilization?
- A . Create a custom script that pipes memory utilization to Amazon S3, then, scale with an AWS Lambda-powered event
- B . Install the Amazon CloudWatch memory monitoring scripts, and create a custom metric based on the script’s results
- C . Increase the minimum size of the cluster to meet memory and application load demands
- D . Deploy an Application Load Balancer to more evenly distribute traffic among nodes
A SysOps Administrator is deploying a legacy web application on AWS. The application has four Amazon EC2 instances behind Classic Load Balancer and stores data in an Amazon RDS instance. The legacy application has known vulnerabilities to SQL injection attacks, but the application code is no longer available to update.
What cost-effective configuration change should the Administrator make to migrate the risk of SQL injection attacks?
- A . Configure Amazon GuardDuty to monitor the application for SQL injection threats.
- B . Configure AWS WAF with a Classic Load Balancer for protection against SQL injection attacks.
- C . Replace the Classic Load Balancer with an Application Load Balancer and configure AWS WAF on the Application Load Balancer.
- D . Configure an Amazon CloudFront distribution with the Classic Load Balancer as the origin and subscribe to AWS Shield Standard.
D
Explanation:
Reference http://jayendrapatil.com/page/15/?cat=-1
A SysOps Administrator is tasked with deploying and managing a single CloudFormation templates across multiple AWS Accounts. accomplish this?
- A . change sets.
What features of AWS CloudFormation will - B . Nested stacks
- C . Stack policies
- D . StacksSets
Which command must be present in a Cisco device configuration to enable the device to resolve an FQDN?
- A . ip domain-name
- B . ip domain-lookup
- C . ip host
- D . ip name-server
A SysOps Administrator must secure AWS CloudTrail logs. The Security team is concerned that an employee may modify or attempt to delete CloudTrail log files from its Amazon S3 bucket.
Which practices ensure that the log files are available and unaltered? (Choose two.)
- A . Enable the CloudTrail log file integrity check in AWS Config Rules.
- B . Use CloudWatch Events to scan log files hourly.
- C . Enable CloudTrail log file integrity validation.
- D . Turn on Amazon S3 MFA Delete for the CloudTrail bucket.
- E . Implement a DENY ALL bucket policy on the CloudTrail bucket.